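/// <summary>
/// Signs an outgoing request before handing it to the inner handler: stamps the
/// Date header, builds the canonical request representation, signs it with the
/// secret registered for <see cref="AppKey"/>, and writes the result into the
/// Authorization header as scheme + base64(<c>Configuration.AuthenticationFormat</c>
/// applied to AppKey and signature; presumably "AppKey:signature", since the
/// verifying side splits the decoded value on ':').
/// </summary>
/// <param name="request">Outgoing request; its Date and Authorization headers are overwritten.</param>
/// <param name="cancellationToken">Forwarded unchanged to the inner handler.</param>
/// <returns>The inner handler's response task.</returns>
/// <exception cref="InvalidOperationException">No secret is registered for <see cref="AppKey"/>.</exception>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
    // The separate AppKey header is no longer sent; the key travels inside the
    // Authorization parameter together with the signature.

    // Single clock read. Building the offset from two independent DateTime.Now /
    // DateTime.UtcNow reads can yield a non-whole-minute TimeSpan (a few ticks
    // apart), which the DateTimeOffset constructor rejects with ArgumentException.
    request.Headers.Date = DateTimeOffset.Now;

    // Date is set before the representation is built so the timestamp can be
    // covered by the signature (assuming the builder includes it — verify there).
    var representation = _representationBuilder.BuildRequestRepresentation(request);

    var secret = _secretRepository.GetSecretForAppKey(AppKey);
    if (secret == null)
    {
        // Fail loudly here rather than letting the signature calculator
        // dereference a missing secret.
        throw new InvalidOperationException("No secret is registered for the configured AppKey.");
    }

    var signature = _signatureCalculator.Signature(secret, representation);
    var credential = string.Format(Configuration.AuthenticationFormat, AppKey, signature);
    var authentication = Convert.ToBase64String(Encoding.UTF8.GetBytes(credential));
    request.Headers.Authorization = new AuthenticationHeaderValue(Configuration.AuthenticationScheme, authentication);

    return base.SendAsync(request, cancellationToken);
}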
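/// <summary>
/// Verifies an incoming request: Date freshness, an Authorization header whose
/// base64 parameter decodes to "appKey:signature", a known app key, an optional
/// Content-MD5 check, a replay check against the in-memory cache, and finally a
/// constant-time comparison of the presented signature with the one computed
/// from the request representation and the app key's secret.
/// </summary>
/// <param name="requestMessage">The request under inspection.</param>
/// <returns>
/// (true, "") when the request is authentic; otherwise (false, reason) where
/// reason is one of the <c>UnauthorizedReasons</c> values (or the reason
/// returned by <c>IsDateValid</c>).
/// </returns>
protected async Task<Tuple<bool, string>> IsAuthenticated(HttpRequestMessage requestMessage)
{
    // Freshness first: a stale or missing Date is rejected before any
    // secret lookup or signature work is done.
    var isDateValid = IsDateValid(requestMessage);
    if (!isDateValid.Item1)
    {
        return isDateValid;
    }

    var authorization = requestMessage.Headers.Authorization;
    if (authorization == null || authorization.Scheme != Configuration.AuthenticationScheme)
    {
        return Tuple.Create(false, UnauthorizedReasons.NoAuthorizationHeaderOrScheme);
    }

    // The parameter is attacker-controlled: it may be absent or not valid
    // base64. Previously Convert.FromBase64String was allowed to throw on such
    // input; a malformed header is an authentication failure, not a server error.
    var authorizationParam = authorization.Parameter;
    if (string.IsNullOrWhiteSpace(authorizationParam))
    {
        return Tuple.Create(false, UnauthorizedReasons.WrongFormatOfAuthorization);
    }

    byte[] decodedParam;
    try
    {
        decodedParam = Convert.FromBase64String(authorizationParam);
    }
    catch (FormatException)
    {
        return Tuple.Create(false, UnauthorizedReasons.WrongFormatOfAuthorization);
    }

    var authSplit = System.Text.Encoding.UTF8.GetString(decodedParam).Split(':');
    if (authSplit.Length != 2)
    {
        return Tuple.Create(false, UnauthorizedReasons.WrongFormatOfAuthorization);
    }

    var appKey = authSplit[0];
    var presentedSignature = authSplit[1];

    var secret = _secretRepository.GetSecretForAppKey(appKey);
    if (secret == null)
    {
        return Tuple.Create(false, UnauthorizedReasons.AppKeyIsNotExists);
    }

    var representation = _representationBuilder.BuildRequestRepresentation(requestMessage);
    if (string.IsNullOrWhiteSpace(representation))
    {
        return Tuple.Create(false, UnauthorizedReasons.CantBuildRepresentation);
    }
    Log.D(representation + "\r\n");

    // Content is null for body-less requests (e.g. GET); dereferencing it
    // unconditionally would throw instead of skipping the MD5 check.
    var content = requestMessage.Content;
    if (content != null && content.Headers.ContentMD5 != null && !await IsMd5Valid(requestMessage))
    {
        return Tuple.Create(false, UnauthorizedReasons.MD5NotMatch);
    }

    var signature = _signatureCalculator.Signature(secret, representation);
    // NOTE(review): this logs the valid signature at debug level; anyone with
    // log access could reuse it inside the validity window. Consider dropping it.
    Log.D("IsAuthenticated", "Signature:" + signature);

    // Replay guard: a signature that was already accepted is refused until it
    // ages out of the cache (see the Add below).
    if (MemoryCache.Default.Contains(signature))
    {
        return Tuple.Create(false, UnauthorizedReasons.ReplayAttack);
    }

    // Constant-time comparison (equivalent to ordinal string equality) so the
    // response latency does not reveal how many leading characters matched.
    var expectedBytes = System.Text.Encoding.UTF8.GetBytes(signature);
    var presentedBytes = System.Text.Encoding.UTF8.GetBytes(presentedSignature);
    var mismatch = expectedBytes.Length ^ presentedBytes.Length;
    for (var i = 0; i < expectedBytes.Length && i < presentedBytes.Length; i++)
    {
        mismatch |= expectedBytes[i] ^ presentedBytes[i];
    }

    if (mismatch == 0)
    {
        MemoryCache.Default.Add(signature, appKey, DateTimeOffset.UtcNow.AddMinutes(Configuration.ValidityPeriodInMinutes));
        return Tuple.Create(true, string.Empty);
    }

    return Tuple.Create(false, UnauthorizedReasons.WrongSignature);
}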